[PATCH, middle-end]: Fix PR53136, Use after free in cgraph dumps

[Uros Bizjak <ubizjak at gmail dot com>]

Hello!

There is a problem with multiple calls of cgraph_node_name in fprintf
dumps. Please note that C++ uses caching in
cxx_printable_name_internal (aka LANG_HOOKS_DECL_PRINTABLE_NAME), so
when cxx_printable_name_internal is called multiple times from printf
(i.e. fprintf "%s/%i -> %s/%i"), it can happen that the first string
gets evicted by the second call, before fprintf is fully evaluated.

Attached patch audits all uses of cgraph_node_name, and in case of
multiple calls in dump fprintf, wraps every call in xstrdup. This
fixes valgrind report in the PR, as well as original dump failure on
alpha [1].

I think that small memory leak is tolerable here (the changes are
exclusively in the dump code), and follows the same approach as in
java frontend.

2012-04-30  Uros Bizjak  <ubizjak@gmail.com>

	PR middle-end/53136
	* ipa-prop.c (ipa_print_node_jump_functions): Wrap multiple
	calls to cgraph_node_name in xstrdup.
	(ipa_make_edge_direct_to_target): Ditto.
	* cgraph.c (dump_cgraph_node): Ditto.
	* tree-sra.c (convert_callers_for_node): Ditto.
	* lto-symtab.c (lto_cgraph_replace_node): Ditto.
	* ipa-cp.c (perhaps_add_new_callers): Ditto.
	* cgraphunit.c (cgraph_redirect_edge_call_stmt_to_callee): Ditto.
	(cgraph_materialize_all_clones): Ditto.
	* ipa-inline.c (report_inline_failed_reason): Ditto.
	(want_early_inline_function_p): Ditto.
	(edge_badness): Ditto.
	(update_edge_key): Ditto.
	(flatten_function): Ditto.
	(ipa_inline): Ditto.
	(inlinw_always_inline_functions): Ditto.
	(early_inline_small_functions): Ditto.

Patch was tested on x86_64-pc-linux-gnu {,-m32} and alphaev68-pc-linux-gnu.

OK for mainline?

[1] http://gcc.gnu.org/ml/gcc-testresults/2012-04/msg02722.html

Uros.

Attachment: p.diff.txt
Description: Text document